If your AI agent needs to audit AWS security posture without wrestling with SDKs or containers, this server exposes seven static binary scanners covering S3, IAM, EC2, EKS, RDS, CloudTrail, and CloudWatch Logs. Each scanner is a self-contained ~2MB Rust binary with zero dependencies. The MCP interface provides search and get operations that let agents discover the right scanner, fetch download commands with SHA256 verification, and run checks that return structured JSON with severity levels and remediation hints. Exit codes are designed for branching logic. You get 50 free scans per day over streamable HTTP, no API key required. Reach for this when you want agents to find misconfigurations like public S3 buckets, missing MFA, or unencrypted RDS instances using read-only IAM permissions.
claude mcp add --transport http io.github.kloudle-cloud-security-scanner https://mcp.kloudle.dev/mcp